[2024-Feb-New]Braindump2go Professional-Cloud-Developer PDF Dumps(102-268)

More documents

Recommendations

Info

Braindump2go Guarantee All Exams 100% Pass One Time! You are a developer at a large organization. You have an application written in Go running in a production Google Kubernetes Engine (GKE) cluster. You need to add a new feature that requires access to BigQuery. You want to grant BigQuery access to your GKE cluster following Google-recommended best practices. What should you do? A. Create a Google service account with BigQuery access. Add the JSON key to Secret Manager, and use the Go client library to access the JSON key. B. Create a Google service account with BigQuery access. Add the Google service account JSON key as a Kubernetes secret, and configure the application to use this secret. C. Create a Google service account with BigQuery access. Add the Google service account JSON key to Secret Manager, and use an init container to access the secret for the application to use. D. Create a Google service account and a Kubernetes service account. Configure Workload Identity on the GKE cluster, and reference the Kubernetes service account on the application Deployment. Answer: D Explanation: Workload Identity allows a Kubernetes service account in your GKE cluster to act as an IAM service account. Pods that use the configured Kubernetes service account automatically authenticate as the IAM service account when accessing Google Cloud APIs. Using Workload Identity allows you to assign distinct, fine-grained identities and authorization for each application in your cluster. https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#what_is QUESTION 232 You have an application written in Python running in production on Cloud Run. Your application needs to read/write data stored in a Cloud Storage bucket in the same project. You want to grant access to your application following the principle of least privilege. What should you do? A. Create a user-managed service account with a custom Identity and Access Management (IAM) role. B. Create a user-managed service account with the Storage Admin Identity and Access Management (IAM) role. C. Create a user-managed service account with the Project Editor Identity and Access Management (IAM) role. D. Use the default service account linked to the Cloud Run revision in production. Answer: A QUESTION 233 Your team is developing unit tests for Cloud Function code. The code is stored in a Cloud Source Repositories repository. You are responsible for implementing the tests. Only a specific service account has the necessary permissions to deploy the code to Cloud Functions. You want to ensure that the code cannot be deployed without first passing the tests. How should you configure the unit testing process? A. Configure Cloud Build to deploy the Cloud Function. If the code passes the tests, a deployment approval is sent to you. B. Configure Cloud Build to deploy the Cloud Function, using the specific service account as the build agent. Run the unit tests after successful deployment. C. Configure Cloud Build to run the unit tests. If the code passes the tests, the developer deploys the Cloud Function. D. Configure Cloud Build to run the unit tests, using the specific service account as the build agent. If the code passes the tests, Cloud Build deploys the Cloud Function. Answer: D Professional-Cloud-Developer Exam Dumps Professional-Cloud-Developer Exam Questions Professional-Cloud-Developer PDF Dumps Professional-Cloud-Developer VCE Dumps https://www.braindump2go.com/professional-cloud-developer.html
Braindump2go Guarantee All Exams 100% Pass One Time! QUESTION 234 Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do? A. Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs. B. Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs. C. Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs. D. Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs. Answer: A Explanation: https://cloud.google.com/pubsub/docs/emulator QUESTION 235 You are developing a Java Web Server that needs to interact with Google Cloud services via the Google Cloud API on the user's behalf. Users should be able to authenticate to the Google Cloud API using their Google Cloud identities. Which workflow should you implement in your web application? A. 1. When a user arrives at your application, prompt them for their Google username and password. 2. Store an SHA password hash in your application's database along with the user's username. 3. The application authenticates to the Google Cloud API using HTTPs requests with the user's username and password hash in the Authorization request header. B. 1. When a user arrives at your application, prompt them for their Google username and password. 2. Forward the user's username and password in an HTTPS request to the Google Cloud authorization server, and request an access token. 3. The Google server validates the user's credentials and returns an access token to the application. 4. The application uses the access token to call the Google Cloud API. C. 1. When a user arrives at your application, route them to a Google Cloud consent screen with a list of requested permissions that prompts the user to sign in with SSO to their Google Account. 2. After the user signs in and provides consent, your application receives an authorization code from a Google server. 3. The Google server returns the authorization code to the user, which is stored in the browser's cookies. 4. The user authenticates to the Google Cloud API using the authorization code in the cookie. D. 1. When a user arrives at your application, route them to a Google Cloud consent screen with a list of requested permissions that prompts the user to sign in with SSO to their Google Account. 2. After the user signs in and provides consent, your application receives an authorization code from a Google server. 3. The application requests a Google Server to exchange the authorization code with an access token. 4. The Google server responds with the access token that is used by the application to call the Google Cloud API. Answer: D Professional-Cloud-Developer Exam Dumps Professional-Cloud-Developer Exam Questions Professional-Cloud-Developer PDF Dumps Professional-Cloud-Developer VCE Dumps https://www.braindump2go.com/professional-cloud-developer.html
Page 1 and 2:
Braindump2go Guarantee All Exams 10
Page 3 and 4:
Braindump2go Guarantee All Exams 10
Page 5 and 6: Braindump2go Guarantee All Exams 10
Page 13 and 14: B. Use a Google service account to
Page 15 and 16: alerts while minimizing costs. What
Page 27 and 28: services as much as possible. What
Page 45 and 46: Explanation: https://cloud.google.c
Page 55: Braindump2go Guarantee All Exams 10
Page 63 and 64: D. Store user data in BigQuery tabl
Page 71: Answer: B Explanation: https://clou
show all

[2024-Feb-New]Braindump2go Professional-Cloud-Developer PDF Dumps(102-268)

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?